Storage apparatus including nonvolatile memory

ABSTRACT

A storage apparatus includes a first memory, which is nonvolatile, a first controller that controls the first memory, a wireless antenna, a second memory, which is operable based on power supplied from the wireless antenna, and a second controller that is operable based on the power supplied from the wireless antenna, and performs communication using the wireless antenna. When performing communication with an external apparatus using the wireless antenna, the second controller performs authentication of the external apparatus, and stores in the second memory an authentication result indicating whether the authentication succeeded or failed. If the authentication result indicates that the authentication succeeded, the second controller permits reading by the external apparatus of first data from the second memory by communication using the wireless antenna or writing by the external apparatus of second data to the second memory by communication using the wireless antenna.

CROSS-REFERENCE TO RELATED APPLICATION

This application is based upon and claims the benefit of priority fromJapanese Patent Application No. 2017-059838, filed Mar. 24, 2017, theentire contents of which are incorporated herein by reference.

FIELD

Embodiments described herein relate generally to a storage apparatusincluding a nonvolatile memory.

BACKGROUND

A storage apparatus which is detachably mountable on an electronicapparatus and including a nonvolatile memory is widely used. If such astorage apparatus is mounted on an electronic apparatus, the electronicapparatus is able to write data to the storage apparatus and read datafrom the storage apparatus. An example of the storage apparatus which isdetachably mountable on an electronic apparatus includes a memory cardwhich is provided with a wireless antenna and is capable of wirelesslycommunicating with an external apparatus.

DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram illustrating an example of a configuration ofa storage apparatus having a wireless communication function accordingto a first embodiment and an information processing system including thestorage apparatus.

FIG. 2 is a diagram illustrating an example of a wireless communicationmemory according to the first embodiment.

FIG. 3 is a flowchart illustrating a data reading process in which aninformation processing apparatus according to the first embodiment readsdata from a wireless storage apparatus.

FIG. 4 is a flowchart illustrating a data writing process in which theinformation processing apparatus according to the first embodimentwrites data into the wireless storage apparatus.

FIG. 5 is a block diagram illustrating an example of a storage apparatushaving a wireless communication function according to a secondembodiment and an information processing system including the storageapparatus.

FIG. 6 is a diagram illustrating an example of a state of a nonvolatilememory in a read lock mode according to the second embodiment.

FIG. 7 is a flowchart illustrating an example of a mode determinationprocess of the wireless storage apparatus according to the secondembodiment.

FIG. 8 is a flowchart illustrating an example of a lock/unlock modeprocess of the wireless storage apparatus according to the secondembodiment.

FIG. 9 is a flowchart illustrating an example of a read lock modeprocess of the wireless storage apparatus according to the secondembodiment.

FIG. 10 is a block diagram illustrating an example of a storageapparatus having a wireless communication function according to a thirdembodiment and an information processing system including the storageapparatus.

FIG. 11 is a diagram illustrating an example of a relationship between amanagement table and a nonvolatile memory, according to the thirdembodiment.

FIG. 12 is a flowchart illustrating an example of a file reading processin a read lock mode, according to the third embodiment.

FIG. 13 is a flowchart illustrating an example from generation of amanagement table in the read lock mode to execution of a processcorresponding to a received command, according to the third embodiment.

DETAILED DESCRIPTION

In general, according to one embodiment, a storage apparatus includes afirst memory, which is nonvolatile, a first controller that controls thefirst memory, a wireless antenna, a second memory, which is operablebased on power supplied from the wireless antenna, and a secondcontroller that is operable based on the power supplied from thewireless antenna, and performs communication using the wireless antenna.The second controller, when performing communication with an externalapparatus using the wireless antenna, performs authentication of theexternal apparatus, and stores in the second memory an authenticationresult indicating whether the authentication succeeded or failed. If theauthentication result indicates that the authentication succeeded, thesecond controller permits reading by the external apparatus of firstdata from the second memory by communication using the wireless antennaor writing by the external apparatus of second data to the second memoryby communication using the wireless antenna. If the authenticationresult indicates that the authentication failed, the second controllerprohibits reading by the external apparatus of any data from the secondmemory by communication using the wireless antenna or writing by theexternal apparatus of any data to the second memory by communicationusing the wireless antenna.

Hereinafter, respective embodiments will be described with reference tothe drawings. In the following description, approximately orsubstantially the same functions and components are denoted by the samereference numerals, and a description will be given as necessary.

First Embodiment

In the present embodiment, a description will be given on a storageapparatus having a wireless communication function (hereinafter,referred to as a wireless storage apparatus) and an informationprocessing system including the wireless storage apparatus.

In the present embodiment, the user moves the information processingapparatus close to, or brings it into contact or close contact with thewireless storage apparatus. This enables the information processingapparatus and the wireless storage apparatus to perform wirelesscommunication. When communicating with the information processingapparatus in a wireless manner, the wireless storage apparatusauthenticates the information processing apparatus. The wireless storageapparatus permits reading and writing of data using wirelesscommunication from the information processing apparatus whenauthentication succeeds. Conversely, when authentication fails, thewireless storage apparatus prohibits reading and writing of data usingwireless communication from the information processing apparatus.

In the present embodiment, it is assumed that ID representsidentification information. Further, it is assumed that accessrepresents one or both of writing and reading of data to and from thestorage apparatus.

In the present embodiment, turning on a flag means rewriting a statevalue indicating that the flag is valid (for example, “1”) to the flag,and turning off a flag means rewriting a state value indicating that theflag is invalid (for example, “0”) to the flag.

FIG. 1 is a block diagram illustrating an example of a configuration ofa wireless storage apparatus according to the present embodiment and aninformation processing system including the wireless storage apparatus.

The information processing system 1 includes an electronic apparatus 2,a wireless storage apparatus 3, and an information processing apparatus4.

The electronic apparatus 2 may be, for example, toys, smart watches,game machines, mobile phones, information processing apparatuses,computers, wearable terminals, digital cameras, control devices, or thelike. The electronic apparatus 2 includes amounting unit 21 into whichthe wireless storage apparatus 3 is detachably mounted.

The wireless storage apparatus 3 is capable of wirelessly communicatingwith, for example, an external apparatus such as the informationprocessing apparatus 4, and may be, for example, various storageapparatuses such as a memory card (an SD memory card, a multimedia card,or the like), a universal serial bus (USB) memory, a hard disk drive(HDD) , and a solid state disk (SSD). In the present embodiment, adescription will be given on a case where the wireless storage apparatus3 is a memory card.

In the present embodiment, the wireless storage apparatus 3 performs,for example, wireless communication conforming to near fieldcommunication (NFC) which is the short-range wireless communicationstandard at a frequency of 13.56 MHz or the like. However, the wirelesscommunication by the wireless storage apparatus 3 may be, for example,various types of wireless communication such as a wireless local areanetwork (wireless LAN). In the NFC, it is possible to communicate atlower power than a general wireless LAN.

If the wireless storage apparatus 3 is mounted on the electronicapparatus 2, the wireless storage apparatus 3 is electrically connectedto the electronic apparatus 2, and is supplied with power from theelectronic apparatus 2. The wireless storage apparatus 3 is able totransmit data to the electronic apparatus 2 and receive data from theelectronic apparatus 2. The wireless storage apparatus 3 has a functionof communicating data with an external apparatus such as the informationprocessing apparatus 4 by using power generated by electromagneticinduction of the wireless antenna 31 even if power is not supplied fromthe electronic apparatus 2. In other words, the wireless storageapparatus 3 performs, for example, wireless communication, and cantransmit data to the information processing apparatus 4 and receive datafrom the information processing apparatus 4. In the wireless storageapparatus 3, at least some components are operable based on the powergenerated by electromagnetic induction based on radio waves emitted fromthe information processing apparatus 4, even if power is not suppliedfrom the electronic apparatus 2.

Although the wireless storage apparatus 3 communicates data with theelectronic apparatus 2 according to, for example, a wired interface suchas an SD interface in the present embodiment, other interfaces may beused. Further, although the wireless storage apparatus 3 communicatesdata with the information processing apparatus 4 by using, for example,an NFC interface, other wireless communication interfaces may be used.

The wireless storage apparatus 3 includes a wireless antenna 31, anonvolatile memory 32, a controller 33, a communication controller 34, amemory controller 35, and a connector 36. The controller 33 includes amirroring unit 331. The communication controller 34 includes a wirelesscommunication memory 37, a voltage detector 38, and an authenticationunit 39. The wireless communication memory stores an authentication flagF1, designation information D1, and target data D2.

The authentication flag F1 is a flag indicating whether or not thewireless storage apparatus 3 succeeds in authenticating the informationprocessing apparatus 4 which is a wireless communication partner. In thecase of authentication success, the authentication flag F1 is turned on,and in the case of authentication failure or non-authentication, theauthentication flag F1 is turned off.

The designation information D1 is information for designating data to beread from the nonvolatile memory 32 or data to be written to thenonvolatile memory 32. The designation information D1 includes, forexample, information indicating the address, size, type, attribute,extension, or the like of the data. The designation information D1 mayinclude, for example, commands such as a read command and a writecommand. Further, the designation information D1 may be, for example,information for designating an area of the nonvolatile memory 32 or thewireless communication memory 37 that performs writing or reading.

In the present embodiment, the type of data may be distinguisheddepending on the use of data such as a management data and user data,may be distinguished based on identification information indicating thetype of the electronic apparatus 2, which is attached to data, or may bedistinguished based on the contents of data such as text data, imagedata, and sound data. The type of the electronic apparatus 2 may bedistinguished based on the manufacturer, model number, version, or thelike of the electronic apparatus 2, or may be distinguished by functionsof a product such as a mobile phone, a camera, a computer, or the like.The types of data items and the types of the electronic apparatus 2 aremerely examples, and there may be various modifications.

The designation information D1 may include, for example, informationdesignating data or an area to be subjected to mirroring, which will bedescribed later.

The target data D2 is data read from the nonvolatile memory 32 or datato be written to the nonvolatile memory 32. According to the readcommand received from the information processing apparatus 4, thewireless storage apparatus 3 transmits the target data D2, which is readfrom the nonvolatile memory 32 and stored in the wireless communicationmemory 37, to the information processing apparatus 4. According to thewrite command received from the information processing apparatus 4, thewireless storage apparatus 3 writes the target data D2, which isreceived from the information processing apparatus 4 and stored in thewireless communication memory 37, to the nonvolatile memory 32.

In addition, the communication controller 34 and the wirelesscommunication memory 37 may be separated from each other. The controller33, the communication controller 34, and the memory controller 35 can becombined or separated. For example, the memory controller 35 may beincluded in the controller 33. The memory controller 35 and thecontroller 33 may be integrated into one chip.

The controller 33, the memory controller 35, and the nonvolatile memory32 operate, when the wireless storage apparatus 3 is supplied with powerfrom the electronic apparatus 2. When the wireless storage apparatus 3is supplied with power only through the wireless antenna 31 and is notsupplied with power from the electronic apparatus 2, the controller 33,the memory controller 35, and the nonvolatile memory 32 may not havesufficient power to operate. Meanwhile, the communication controller 34is operable, even if the wireless storage apparatus 3 is supplied withpower through the wireless antenna 31, and is not supplied with powerfrom the electronic apparatus 2. In other words, if the wireless antenna31 receives wireless radio waves of a predetermined frequencycorresponding to NFC, the communication controller 34 is operable, andthe wireless storage apparatus 3 can perform communication by NFC.

The controller 33 receives commands, addresses, data, information,instructions, signals, or the like, from the electronic apparatus 2, thememory controller 35, and the communication controller 34. Thecontroller 33 is a bridge controller that controls transmission andreception of data between, for example, the memory controller 35 and thecommunication controller 34.

The controller 33 outputs the commands, the addresses, the data, theinformation, the instructions, the signals, or the like, to the memorycontroller 35, the communication controller 34, and the electronicapparatus 2, based on the received command.

The controller 33 includes a mirroring unit 331, which is, in oneembodiment, implemented as a circuit. The mirroring unit 331 reads theauthentication flag F1 stored in the wireless communication memory 37,and when the authentication flag F1 indicates authentication success,the mirroring unit 331 performs synchronization of the data included inthe nonvolatile memory 32 and the data included in the wirelesscommunication memory 37. Here, the mirroring means making contents ofdata the same between two or more memories. For example, when thewireless storage apparatus 3 is supplied with power from the electronicapparatus 2, the mirroring unit 331 may perform mirroring, or when thedata of at least one of the nonvolatile memory 32 and the wirelesscommunication memory 37 is written or updated, the mirroring unit 331may perform mirroring. Further, the mirroring unit 331 may read, forexample, the authentication flag F1 stored in the wireless communicationmemory 37, and when the authentication flag F1 indicates authenticationsuccess, the mirroring unit 331 may perform the mirroring.

More specifically, when the authentication flag F1 indicatesauthentication success and the wireless communication is permitted, thecontroller 33 reads the designation information D1 stored in thewireless communication memory 37 through the communication controller34, reads the target data D2 indicated by the designation information D1from the nonvolatile memory 32 through the memory controller 35, andstores the read target data D2 in the wireless communication memory 37through the communication controller 34. Conversely, when theauthentication flag F1 indicates authentication success and the wirelesscommunication is permitted, the controller 33 may read the target dataD2 indicated by the designation information D1 from the wirelesscommunication memory 37 through the communication controller 34, and maystore the read target data D2 in the nonvolatile memory 32 through thememory controller 35.

Further, when the authentication flag F1 indicates authenticationsuccess and the wireless communication is permitted, the controller 33reads the target data D2 and the designation information D1 stored inthe wireless communication memory 37 through the communicationcontroller 34, and stores the read target data D2 in the area of thenonvolatile memory 32 indicated by the designation information D1through the memory controller 35.

The memory controller 35 controls the nonvolatile memory 32. The memorycontroller 35 writes data to the nonvolatile memory 32, for example,based on the commands or the like which are input from the controller33. The memory controller 35 reads data from the nonvolatile memory 32and outputs the data to the controller 33, for example, based on thecommands or the like which are input from the controller 33.

The nonvolatile memory 32 may be, for example, a nonvolatilesemiconductor memory. The nonvolatile memory 32 is, for example, a NANDflash memory, but may be another nonvolatile semiconductor memory suchas a NOR flash memory, a magnetoresistive random access memory (MRAM: amagnetoresistive memory), a phase-change random access memory (PRAM: aphase-change memory), a resistive random access memory (ReRAM: aresistance-change memory), and a ferroelectric random access memory(FeRAM). For example, the nonvolatile memory 32 may be anothernonvolatile memory, a magnetic memory, or the like. For example, thenonvolatile memory 32 may be a flash memory of a three-dimensionalstructure.

The wireless antenna 31 is, for example, a PCB pattern antenna. Thepossible operation frequency band of the wireless antenna 31 may be apredetermined frequency band corresponding to NFC.

The wireless antenna 31 is capable of generating power byelectromagnetic induction, based on, for example, the radio wavesemitted from the information processing apparatus 4. The wirelessantenna 31 supplies the generated power to the communication controller34.

The wireless antenna 31 receives commands, addresses, data, information,instructions, signals, or the like, from the information processingapparatus 4. The wireless antenna outputs the received command, or thelike, to the communication controller 34.

The communication controller 34 performs communication with theinformation processing apparatus 4 and the like through the wirelessantenna 31. The communication controller 34 receives commands,addresses, data, information, instructions, signals, or the like fromthe controller 33 and the wireless antenna 31. The communicationcontroller 34 outputs, for example, data and the like, to the controller33 and the wireless antenna 31, based on the received command. Thecommunication controller 34 reads data from the wireless communicationmemory 37, based on the received command, address, and the like, andoutputs the read data to the controller 33, and the wireless antenna 31.The communication controller 34 stores data in the wirelesscommunication memory 37, based on the received command, address, dataand the like.

When receiving the command and data through the controller 33 or thewireless antenna 31, the communication controller 34 writes data to thewireless communication memory 37. The communication controller 34,however, may not write the data of the wireless communication memory 37in some situations.

The commands, the addresses, the data, the information, theinstructions, the signals, or the like, which are communicated betweenthe electronic apparatus 2, the controller 33, the memory controller 35,the communication controller 34, the wireless antenna 31, and the like,do not necessarily match in the formats thereof. In other words, as longas commands, addresses, data, information, instructions, signals, or thelike may be recognized by both communication parties, there is no needto match the commands, addresses, data, information, instructions,signals, or the like, which are communicated by other parties, in theirformats.

The authentication unit 39, which is, in one embodiment, implemented asa circuit, authenticates the information processing apparatus 4.Authentication is, for example, mutual authentication, or the like. Inmutual authentication, the authentication unit 39 checks whether or notthe private key of the information processing apparatus 4 matches theprivate key of the wireless storage apparatus 3. For example, theauthentication unit 39 receives first authentication key informationfrom the information processing apparatus 4, when performing wirelesscommunication with the information processing apparatus 4. Theauthentication unit 39 compares second authentication key informationstored in the wireless communication memory 37 with the received firstauthentication key information, and when both match, the authenticationunit 39 determines that authentication succeeds, and turns on theauthentication flag F1. Further, when the authentication key informationpieces do not match, the authentication unit 39 determines thatauthentication fails and turns off the authentication flag F1.

When the authentication flag F1 indicates authentication success, theauthentication unit 39 permits wireless communication to be executedbetween the wireless storage apparatus 3 and the information processingapparatus 4.

When receiving the designation information D1 and the target data D2from the information processing apparatus 4 through the wireless antenna31, the communication controller 34 writes the designation informationD1 and the target data D2 in the wireless communication memory 37. Inaddition, when receiving the designation information D1 from theinformation processing apparatus 4 through the wireless antenna 31, thecommunication controller 34 transmits the target data D2 designated bythe designation information D1 to the information processing apparatus 4through the wireless antenna 31.

The communication controller 34 encrypts the target data D2 to betransmitted to the information processing apparatus 4 through thewireless antenna 31 by using the encryption key information stored inthe wireless communication memory 37. Further, the communicationcontroller 34 decrypts the encrypted designation information D1 andtarget data D2, which are received from the information processingapparatus 4 through the wireless antenna 31, by using the encryption keyinformation stored in the wireless communication memory 37. In addition,the authentication key information and the encryption key informationmay be the same.

The wireless communication memory 37 is, for example, a nonvolatilememory. The wireless communication memory 37 stores data under thecontrol of the communication controller 34 or the memory controller 35.The wireless communication memory 37, in alternative embodiments, may bevolatile, and the storage of data in the wireless communication memory37 may be temporary. In addition, although an electrically erasableprogrammable read-only memory (EEPROM) is used as the wirelesscommunication memory 37, it is possible to use various memoriessimilarly to the nonvolatile memory 32.

It is desirable that the nonvolatile memory used in the wirelesscommunication memory 37 has lower power consumption per unit volume thanthat of the nonvolatile memory 32, so as to be operable with the powersupplied from the wireless antenna 31. Specifically, a NOR memory may beused as the wireless communication memory 37.

The voltage detector 38 is electrically connected to the wirelessantenna 31. The voltage detector 38 detects the voltage supplied fromthe wireless antenna 31 to the communication controller 34. The voltagedetector 38 issues a reset command of communication by NFC, until thevoltage reaches a predetermined value at which the communicationcontroller 34 is operable. The communication controller 34 does notperform communication by NFC while receiving the reset command. Thisreset command allows to prevent an abnormal activation and operation ofcommunication by NFC. When the voltage reaches a predetermined value,the voltage detector 38 may output an operational command to thecommunication controller 34. Only when receiving the operationalcommand, the communication controller 34 performs communication by NFC.

The connector 36 is, for example, a standardized connection terminal,and electrically connects the wireless storage apparatus 3 with theelectronic apparatus 2.

The information processing apparatus 4 may be, for example, mobilephones (including smartphones), computers, game machines, wearableterminals, portable devices, control devices, or the like. Theinformation processing apparatus 4 is able to communicate commands,addresses, data, information, instructions, signals, or the like withthe wireless storage apparatus 3.

The information processing apparatus 4 includes, for example, a memory41, a communication controller 42, and an instruction unit 43, which is,in one embodiment, a programmed processor.

The memory 41 stores the designation information D1 and the target dataD2. When reading the target data D2 from the wireless storage apparatus3, the information processing apparatus 4 transmits designationinformation D1 designating the target data D2, the read command, and thelike to the wireless storage apparatus 3, and receive the target data D2from the wireless storage apparatus 3. When writing the target data D2to the wireless storage apparatus 3, the information processingapparatus 4 transmits the target data D2, the designation information D1designating the writing area of the target data D2, and the writecommand, to the wireless storage apparatus 3.

Further, the communication controller 42 controls the reception ofcommands, addresses, data, information, instructions, signals, or thelike from the wireless storage apparatus 3 to the information processingapparatus 4.

Further, the communication controller 42 controls the transmission ofcommands, data, information, instructions, signals, or the like from theinformation processing apparatus 4 to the wireless storage apparatus 3.

The communication controller 42 encrypts the data to be transmitted tothe wireless storage apparatus 3, by using encryption key informationstored in the memory 41. In addition, the communication controller 42decrypts the encrypted data that is received from the wireless storageapparatus 3, by using the encryption key information stored in thememory 41.

The instruction unit 43 transmits a read command or a write command tothe wireless storage apparatus 3 through the communication controller42. Specifically, the instruction unit 43 transmits the read command,the target data D2 to be read or the designation information D1indicating the area to the wireless storage apparatus 3 through thecommunication controller 42, and receives the target data D2 from thewireless storage apparatus 3 through the communication controller 42.Further, the instruction unit 43 transmits the write command, the targetdata D2, and the designation information D1 indicating the writedestination, to the wireless storage apparatus 3.

The instruction unit 43 reads the authentication key information fromthe memory 41, for authentication of the wireless storage apparatus 3,and transmits the authentication key information to the wireless storageapparatus 3 through the communication controller 42.

FIG. 2 is a diagram illustrating an example of the wirelesscommunication memory 37 according to the present embodiment. Theallocation of each data item to the address shown in FIG. 2 is anexample and can be appropriately changed.

In the memory space of the wireless communication memory 37, forexample, 16 bytes of data is allocated to a single address. The size ofdata allocated to a single address, however, can be changed.

The wireless communication memory 37 includes a secret area 37 a thatcannot be read from external apparatuses such as the electronicapparatus 2 and the information processing apparatus 4, and a publicarea 37 b that can be read from external apparatuses. For example, theauthentication flag F1, the authentication key information, and theencryption key information are stored in the secret area 37 a. Forexample, the designation information D1 and the target data D2 arestored in the public area 37 b.

FIG. 3 is a flowchart illustrating a data reading process in which theinformation processing apparatus 4 according to the present embodimentreads data from the wireless storage apparatus 3.

In FIG. 3, it is assumed that the wireless storage apparatus 3 issupplied with power from the electronic apparatus 2 and the controller33, the memory controller 35, and the nonvolatile memory 32 of thewireless storage apparatus 3 are operable.

In step S101, the instruction unit 43 of the information processingapparatus 4 transmits the designation information D1 to the wirelessstorage apparatus 3 through the communication controller 42.

In step S102, the authentication unit 39 of the communication controller34 of the wireless storage apparatus performs authentication on thewireless communication between the information processing apparatus 4and the wireless storage apparatus 3. The authentication unit 39receives, for example, the first authentication key information from theinformation processing apparatus 4 through the wireless antenna 31, andreads the second authentication key information stored in the secretarea 37 a of the wireless communication memory 37. Then, theauthentication unit 39 compares the first authentication key informationwith the second authentication key information. If both match, it isdetermined as authentication success; and if both do not match, it isdetermined as authentication failure.

In step S103, the authentication unit 39 turns on the authenticationflag F1 of the secret area 37 a in the case of authentication success,and turns it off in the case of authentication failure.

In step S104, the mirroring unit 331 and communication controller 34 ofthe controller 33 checks the state of the authentication flag F1, anddetermines whether the authentication flag F1 is on or not.

When the authentication flag F1 is off, the mirroring unit 331 does notperform mirroring, the process proceeds to step S111, and thecommunication controller 34 does not permit wireless communication withthe information processing apparatus 4.

When the authentication flag F1 is on, the communication controller 34permits wireless communication with the information processing apparatus4 in step S105, and stores the designation information D1 receivedthrough the wireless antenna 31 from the information processingapparatus 4 in the public area 37 b of the wireless communication memory37 in step S106.

In step S107, the mirroring unit 331 of the controller 33 reads thedesignation information D1 from the public area 37 b through thecommunication controller 34, reads the target data D2 indicated by thedesignation information D1 from the nonvolatile memory 32 through thememory controller 35, and stores the read target data D2 in the publicarea 37 b of the wireless communication memory 37 through thecommunication controller 34.

In step S108, the communication controller 34 transmits the target dataD2 stored in the wireless communication memory 37 to the informationprocessing apparatus 4 through the wireless antenna 31.

In step S109, the instruction unit 43 of the information processingapparatus 4 receives the target data D2 from the wireless storageapparatus 3 through the communication controller 42, and stores thetarget data D2 in the memory 41.

In addition, after the completion of the wireless communication with theinformation processing apparatus 4, the authentication unit 39 of thecommunication controller 34 may automatically change the authenticationflag F1 to the non-authenticated state (OFF) in step S110. Further, forexample, the authentication unit 39 may turn off the authentication flagF1 before power supply from the wireless antenna 31 to the wirelessstorage apparatus 3 is interrupted.

Thereafter, in step S111, the communication controller does not permitthe wireless communication with the information processing apparatus 4.

FIG. 4 is a flowchart illustrating a data writing process in which theinformation processing apparatus 4 according to the present embodimentwrites data to the wireless storage apparatus 3. In FIG. 4, as in thecase of FIG. 3, it is assumed that power is supplied from the electronicapparatus 2 to the wireless storage apparatus 3.

In step S201, the instruction unit 43 of the information processingapparatus 4 transmits the designation information D1 and the target dataD2 to the wireless storage apparatus 3 through the communicationcontroller 42.

Since the steps S202 to S205 are the same as the steps S102 to S105 ofFIG. 3, the description thereof will be omitted.

When the authentication flag F1 is on, the communication controller 34stores the designation information D1 and the target data D2 receivedthrough the wireless antenna 31 from the information processingapparatus 4 in the public area 37 b of the wireless communication memory37 in step S206.

In step S207, the mirroring unit 331 of the controller 33 reads thedesignation information D1 and the target data D2 from the public area37 b through the communication controller 34, and writes the target dataD2 to the area of the nonvolatile memory 32 indicated by the designationinformation D1 through the memory controller 35.

When the mirroring unit 331 writes the target data D2 to the nonvolatilememory 32, if it is not necessary to designate information on the targetdata D2, such as the writing destination of the target data D2, thedesignation information D1 may not be communicated in the communicationbetween the information processing apparatus 4 and the wireless storageapparatus 3 in FIG. 4.

Since step S208 and step S209 are the same processes as those of stepS110 and step S111 of FIG. 3, the description thereof will be omitted.

In the present embodiment described above, data and an area for storingthe data are designated by the designation information D1. In thepresent embodiment, control is performed such that the data itemsdesignated by the designation information D1 in the nonvolatile memory32 and the wireless communication memory 37 become the same bymirroring. Thus, data can be communicated between the electronicapparatus 2 and the information processing apparatus 4 through thewireless storage apparatus 3. For example, the information processingapparatus 4 can acquire the data stored in the nonvolatile memory 32,and the electronic apparatus 2 can acquire the data stored in thewireless communication memory 37. Further, the information processingapparatus 4 can rewrite the data stored in the nonvolatile memory 32,and the electronic apparatus 2 can rewrite the data stored in thewireless communication memory 37. Further, without removing the wirelessstorage apparatus 3 from the electronic apparatus 2, the informationprocessing apparatus 4 can read the data stored in the wireless storageapparatus 3 and store the data in the wireless storage apparatus 3. Sucha wireless storage apparatus 3 is applicable to fields such as controland maintenance of industrial equipment and health equipment. Morespecifically, the wireless storage apparatus 3 is mounted on industrialequipment corresponding to the electronic apparatus 2, and log data ofthe industrial equipment is stored in the wireless storage apparatus 3.An administrator carrying the information processing apparatus 4 canreceive and collect the log data from the wireless storage apparatus 3while operating the industrial equipment.

In the present embodiment, data to be mirrored can be designated, suchthat a memory with a larger capacity between the nonvolatile memory 32and the wireless communication memory 37 can store one or a pluralityitems of data, and store the data selected from the memory with a largercapacity in a memory with a smaller capacity in synchronization witheach other. In this case, it is also possible to freely designate dataand an area, with respect to any of the nonvolatile memory 32 and thewireless communication memory 37.

In the present embodiment, since it is determined whether to performmirroring between the nonvolatile memory 32 and the wirelesscommunication memory 37 by using the result of authentication by theauthentication unit 39, it is possible to restrict the access to thewireless storage apparatus 3 from the information processing apparatus4.

In the present embodiment, mirroring is executed promptly at the timingwhen the power supply from the electronic apparatus 2 to the wirelessstorage apparatus 3 is started, the timing when the data or area to bemirrored is updated, and the like.

Furthermore, in the present embodiment, the wireless storage apparatus 3authenticates the information processing apparatus 4 when receiving theread or write command of the target data D2 from the informationprocessing apparatus 4, and only when the authentication succeeds, thewireless storage apparatus 3 permits reading or writing of the targetdata D2 using wireless communication from the information processingapparatus 4. This can strengthen the security of the wirelesscommunication of the wireless storage apparatus 3.

In the present embodiment, the security can be further strengthenedbecause the target data D2 to be communicated is further encrypted afterperforming the authentication process between the information processingapparatus 4 and the wireless storage apparatus 3.

In the present embodiment, the private data or the business data to beprotected stored in the wireless storage apparatus 3 can be preventedfrom leaking out and thus properly managed.

In the present embodiment, for example, when the authentication of theinformation processing apparatus 4 fails, the authentication unit 39prohibits reading of data from the wireless storage apparatus 3 to theinformation processing apparatus 4, but may permit writing of data fromthe information processing apparatus 4 to the wireless storage apparatus3. On the contrary, when the authentication of the informationprocessing apparatus 4 succeeds, the wireless storage apparatus 3permits reading of data from the wireless storage apparatus 3 to theinformation processing apparatus 4, but may prohibit writing of datafrom the information processing apparatus 4 to the wireless storageapparatus 3. In this way, it is possible to adjust the security levelaccording to the environment in which the wireless storage apparatus 3is used by giving the degree of freedom to settings relating topermission or prohibition of wireless communication by theauthentication unit 39.

In the present embodiment, the authentication flag F1 maybe turned ononly when the authentication unit 39 succeeds in authentication of theinformation processing apparatus 4 in a state where the wireless storageapparatus 3 is mounted on the electronic apparatus 2. In this case, theauthentication flag F1 is rewritten to ON in the state where thewireless storage apparatus 3 is not mounted on the electronic apparatus2, and thereafter, the wireless storage apparatus 3 is mounted on anunintended apparatus, and data stored in the nonvolatile memory 32 orthe wireless communication memory 37 can be prevented from being read bythe unintended apparatus.

In the present embodiment, the secret area 37 a of the wirelesscommunication memory 37 may store a power-on flag indicating whetherpower is turned on or not. The power-on flag is turned on when power issupplied to the controller 33, and is turned off when power is notsupplied to the controller 33. The authentication unit 39 may notperform authentication of the information processing apparatus 4 whenthe power-on flag is off. Further, the authentication unit 39 may changethe state of the authentication flag F1 to the non-authentication state(OFF) when the power-on flag is turned off. Thereby, it is possible toprevent the authentication flag from being rewritten while the wirelessstorage apparatus 3 is not mounted on the electronic apparatus 2.

Second Embodiment

In the present embodiment, a modification of the first embodiment willbe described.

The wireless storage apparatus according to the present embodimentoperates in either a lock/unlock mode or a read lock mode.

In the present embodiment, locking (e.g., to restrict access) means thatreading data from a wireless storage apparatus or writing of data to awireless storage apparatus is prohibited, and unlocking (e.g., to permitaccess) means that writing is permitted for a wireless storage apparatusto which writing is prohibited, or reading is permitted for a wirelessstorage apparatus from which reading is prohibited.

The lock/unlock mode is a mode in which when the user wants to lock orunlock the access to the nonvolatile memory 32, the memory controller 35locks or unlocks the access to the nonvolatile memory 32, by using thewireless communication from the information processing apparatus 4 tothe communication controller 34. In the lock/unlock mode, locking orunlocking means that for example, the controller 33 transmits alock/unlock command to the memory controller 35, and the memorycontroller 35 locks or unlocks the access to the nonvolatile memory 32in response to the lock/unlock command.

The read lock mode is, for example, a mode in which the controller 33returns the dummy data of data corresponding to the read command to theelectronic apparatus 2 that transmitted the command, or a mode in whichthe controller 33 returns a response indicating that reading isprohibited, to the transmitter of the read command, when the readingfrom the nonvolatile memory 32 is locked. In the read lock mode, forexample, even when reading from the nonvolatile memory 32 is locked, thecontroller 33 is able to write data corresponding to the write commandto the nonvolatile memory 32 through the memory controller 35.

In the present embodiment, it is assumed that the lock/unlock mode andthe read lock mode can be switched under the control of the controller33. The data written to the nonvolatile memory 32 in the read lock modecan be read when the reading from the wireless storage apparatus 3A isunlocked in the lock/unlock mode.

In the present embodiment, the locking or unlocking of the access to thenonvolatile memory 32 of the wireless storage apparatus 3A is alsorepresented simply as the locking or unlocking of the nonvolatile memory32 or the wireless storage apparatus 3A.

FIG. 5 is a block diagram illustrating an example of a configuration ofa wireless storage apparatus according to the present embodiment and aninformation processing system including the wireless storage apparatus.

The information processing system 1A includes an electronic apparatus 2,a wireless storage apparatus 3A, and an information processing apparatus4. In addition, a description of the same components as those includedin the wireless storage apparatus 3 according to the first embodiment ofthe components included in the wireless storage apparatus 3A will beomitted.

The wireless communication memory 37 of the wireless storage apparatus3A stores a read lock flag F2 and a lock state information F3.

When operating in the read lock mode, as described later with referenceto FIG. 6, the nonvolatile memory 32 is divided into a first area 32Aand a second area 32B.

The read lock flag F2 is a flag indicating whether or not the wirelessstorage apparatus 3A is in the read lock mode. If the wireless storageapparatus 3A is in the read lock mode, the read lock flag F2 is turnedon, and if the wireless storage apparatus 3A is not in the read lockmode, the read lock flag F2 is turned off.

The lock state information F3 is used to manage whether or not toprohibit writing or reading of data for the nonvolatile memory 32. Whenreceiving a write command or a read command of data from the electronicapparatus 2, the controller 33 determines whether to permit or prohibitwriting or reading of data, based on the lock state information F3.

The lock state information F3 includes, for example, data indicatingpermission or prohibition of reading, permission or prohibition ofwriting, permission or prohibition of reading and writing, for thenonvolatile memory 32. The lock state information F3 includes, forexample, a plurality of bits, and switches on or off of each bit,thereby realizing four types of lock states of the nonvolatile memory32: reading and writing possible, reading only possible, writing onlypossible, and reading and writing prohibition. The mode of the lockstate information F3 is not limited to the above.

The read lock flag F2 and the lock state information F3 are changed byreceiving an instruction from the information processing apparatus 4, bywireless communication between the wireless storage apparatus 3B and theinformation processing apparatus 4. The read lock flag F2 maybe changedby receiving an instruction from the electronic apparatus 2, when thewireless storage apparatus 3B is mounted on the mounting unit 21 of theelectronic apparatus 2.

In the present embodiment, it is desirable that the read lock flag F2and the lock state information F3 are stored in the secret area 37 a(see FIG. 2) of the wireless communication memory 37. However, the readlock flag F2 and the lock state information F3 may be stored in thepublic area 37 b.

FIG. 6 is a diagram illustrating an example of a state of thenonvolatile memory 32 at the read lock mode according to the presentembodiment.

If the wireless storage apparatus 3A operates in the read lock mode, thecontroller 33 controls the memory controller 35 such that thenonvolatile memory 32 is divided into a first area 32A for data writingand a second area 32B for data reading. For example, the storagecapacities of the first area 32A and the second area 32B may be thesame.

For example, file placement data 53A and a file 54A are stored in thefirst area 32A.

The file placement data 53A is associated with the file ID and theposition of the file 54A stored in the first area 32A. The controller 33is able to recognize which file is placed in which position of the firstarea 32A, with reference to the file placement data 53A, through thememory controller 35.

The file 54A is, for example, an arbitrary file (of user data) which iswritable by the user.

On the other hand, the file placement data 53B and the dummy file 54Bare stored in the second area 32B.

The file placement data 53B is associated with the file ID and theposition of the dummy file 54B stored in the second area 32B. Thecontroller 33 is able to recognize which dummy file 54B is placed inwhich position of the second area 32B, with reference to the fileplacement data 53B, through the memory controller 35.

The dummy file 54B is read instead of the file 54A for the reading ofthe file 54A, in order to ensure the security of the file 54A that iswritten in the first area 32A. A part of the dummy file 54B may becopied from the file 54A. For example, when a common file is disposed atthe addresses common to the first area 32A and the second area 32B, thefile can be read in the read lock mode, regardless of the state of thelock state information F3.

The file placement data 53A and the file placement data 53B are storedin, for example, in the file allocation table (FAT) area of the firstarea 32A and the FAT area of the second area 32B, respectively.

However, the file placement data 53 and the file placement data 53B maybe stored, for example, at the heads of the first area 32A and thesecond area 32B, respectively. The FAT area is an area for storingposition information of the file in the memory.

The controller 33 reads the read lock flag F2 and the lock stateinformation F3 from the wireless communication memory 37, through thecommunication controller 34.

In the wireless storage apparatus 3 in the read lock mode, when the lockstate information F3 designates the locking of reading, the controller33 is able to write the file 54A to the first area 32A of thenonvolatile memory 32, but is not able to read the file 54A from thefirst area 32A, through the memory controller 35.

In the read lock mode, when receiving the write command from theelectronic apparatus 2 through the connector 36, the controller 33selects the first area 32A as a writing destination. In the read lockmode, when the controller 33 receives a read command from the electronicapparatus 2 through the connector 36, the controller 33 selects thefirst area 32A as a reading destination if reading is not locked, andselects the second area 32B as a reading destination if reading islocked.

Further, the file placement data 53B and the dummy file 54B are storedin the second area 32B of the nonvolatile memory 32 in the presentembodiment, but the controller 33 may store the file placement data 53Band the dummy file 54B in the memory R of the controller 33. The memoryR is, for example, a random access memory (RAM) or the like, but withoutbeing limited thereto, may be, for example, anyone of a static randomaccess memory (SRAM), a dynamic random access memory (DRAM), and varioussemiconductor memories. If the memory R is a volatile memory, when poweris supplied, the controller 33 may read necessary data from thenonvolatile memory 32 through the memory controller 35 and write theread data to the memory R, and immediately before the supply of power isinterrupted, the controller 33 may write data of the memory R to thenonvolatile memory 32 through the memory controller 35.

FIG. 7 is a flowchart illustrating an example of a mode determinationprocess of the wireless storage apparatus 3A according to the presentembodiment.

In step S301, the wireless storage apparatus 3A is supplied with powerfrom the electronic apparatus 2.

In step S302, the controller 33 of the wireless storage apparatus 3Areads the read lock flag F2 from the wireless communication memory 37,through the communication controller 34.

In step S303, the controller 33 determines whether or not the read lockflag F2 is off.

When the read lock flag F2 is off, in step S304, the controller 33performs the lock/unlock mode process.

When the read lock flag F2 is on, in step S305, the controller 33performs the read lock mode process. Details of the lock/unlock modeprocess and the details of the read lock mode process will be describedlater with reference to FIG. 8 and FIG. 9, respectively.

In step S306, when the process is to be continued, the process returnsto step S302. The controller 33 again reads the read lock flag F2 andselects the read lock mode and the lock/unlock mode.

The reading of the read lock flag F2 may be executed, for example, atthe timing of access to the wireless storage apparatus 3A from theelectronic apparatus 2, or at a timing at which a periodic command isgenerated, or maybe periodically executed in a state where the wirelessstorage apparatus 3A is supplied with power from the electronicapparatus 2.

When changing the operation state of the wireless storage apparatus 3Afrom the lock/unlock mode to the read lock mode, and for example, theinformation processing apparatus 4 wirelessly communicates with thewireless storage apparatus 3, and rewrites the read lock flag F2 fromoff to on. Thus, the read lock flag F2 is read at the timing when theprocess returns to step S302, and it is determined whether it is thelock/unlock mode or the read lock mode. When the wireless storageapparatus 3A is mounted on the electronic apparatus 2, the read lockflag F2 may be rewritten in response to an instruction from theelectronic apparatus 2.

FIG. 8 is a flowchart illustrating an example of the lock/unlock modeprocess of the wireless storage apparatus 3A according to the presentembodiment. The process of FIG. 8 corresponds to step S304 of FIG. 7.

In step S401, the controller 33 reads the lock state information F3 fromthe wireless communication memory 37, through the communicationcontroller 34. For example, the reading of the lock state information F3may be periodically executed regardless of occurrence of access from theelectronic apparatus 2 to the wireless storage apparatus 3.

In step S402, the controller 33 determines which one of locking andunlocking is designated by the read lock state information F3.

If the lock state information F3 designates unlocking, in step S403, thecontroller 33 determines whether or not a write command or a readcommand is received from the electronic apparatus 2 through theconnector 36, and repeats the determination of step S403 until the writecommand or the read command is received.

If the controller 33 receives the write command or the read command, instep S404, the controller 33 maintains the unlocked state, and transmitsthe received write command or read command to the memory controller 35,and the memory controller 35 performs writing or reading to thenonvolatile memory 32. Thereafter, the process proceeds to step S407.

As a result of the determination in step S402, if the lock stateinformation F3 designates locking, in step S405, the controller 33transmits a lock command to the memory controller 35. Asa result, thememory controller 35 performs locking according to the lock commandreceived from the controller 33.

In step S406, even if the controller 33 transmits to the memorycontroller 35, the write command or the read command received from theelectronic apparatus 2 through the connector 36, and the memorycontroller 35 does not receive the write command or the read commandfrom the controller 33. Alternatively, even if the write command or theread command is not received from the controller 33, memory controller35 may ignore or discard the received command.

After step S404 or step S406, the controller 33 determines whether ornot to continue the process in step S407. If the process is not to becontinued, the process ends; and if the process is to be continued, theprocess proceeds to step S401.

FIG. 9 is a flowchart illustrating an example of a read lock modeprocess of the wireless storage apparatus 3A according to the presentembodiment. The process of FIG. 9 corresponds to step S305 of FIG. 7.

In step S501, the controller 33 determines whether or not a writecommand or a read command is received from the electronic apparatus 2through the connector 36, and repeats the determination of step S501until the write command or the read command is received.

In step S502, the controller 33 determines which one of the writecommand and the read command is received from the electronic apparatus 2through the connector 36.

When it is determined that the write command is received, in step S503,the controller 33 instructs the memory controller 35 to perform writingto the first area 32A of the nonvolatile memory 32. The memorycontroller 35 writes the file 54A to the first area 32A.

In step S504, the controller 33 updates the file placement data 53A inthe first area 32A, and similarly updates the file placement data 53B inthe second area 32B, through the memory controller 35.

On the other hand, if it is determined in step S502 that the readcommand is received, in step S505, the controller 33 receives the lockstate information F3 of the wireless communication memory 37 through thecommunication controller 34, and determines whether or not the receivedlock state information F3 permits reading from the first area 32A.

If the reading of the lock state information F3 from the first area 32Ais permitted, the controller 33 instructs the memory controller 35 toread a file from the first area 32A instep S506. The memory controller35 reads the file 54A from the first area 32A and transmits the readfile 54A to the controller 33. The controller 33 transmits the file 54Areceived from the memory controller 35 to the electronic apparatus 2through the connector 36. Thereafter, the process proceeds to step S508.

On the other hand, if the reading of the lock state information F3 fromthe first area 32A is not permitted, the controller 33 instructs thememory controller 35 to read the dummy file 54B from the second area32B, in step S507. The memory controller 35 reads the dummy file 54Bfrom the second area 32B and transmits the read dummy file 54B to thecontroller 33. The controller 33 transmits the dummy file 54B receivedfrom the memory controller 35 to the electronic apparatus 2 through theconnector 36. Thereafter, the process proceeds to step S508.

In step S513, the controller 33 determines whether or not to continuethe process. If the process is not to be continued, the process ends;and if the process is to be continued, the process proceeds to stepS501.

In the present embodiment, when the reading of a file from the firstarea 32A is not permitted in the read lock mode, the controller 33 maysearch, for example, the second area 32B of the nonvolatile memory 32,and return the results of searching for the second area 32B to thetransmitter of the search command, in response to the received searchcommand.

When reading the dummy file 54B through the memory controller 35, thecontroller 33 may transmit the dummy file 54B and information fornotifying that the transmitted data is dummy, to the destination of thedummy file 54B.

When the reading of a file from the first area 32A is not permitted inthe read lock mode, the controller 33 may permit or prohibit thedeletion of the file from the first area 32A.

The above is a description of a lock/unlock mode and a read lock modewhen a read command or a write command is received from the electronicapparatus 2. The operations in the lock/unlock mode and the read lockmode as described above can also be used when data of the nonvolatilememory 32 is written to the wireless communication memory 37 by themirroring unit 331.

More specifically, the mirroring unit 331 first reads the read lock flagF2 and the lock state information F3 from the wireless communicationmemory 37 through the communication controller 34 at the mirroringexecution timing.

When the read lock flag F2 is ON and the lock state information F3indicates that reading is prohibited, the mirroring unit 331 reads thedummy file 54B from the nonvolatile memory 32 through the memorycontroller 35 and stores the dummy file 54B in the wirelesscommunication memory 37 through the communication controller 34. Whenthe information processing apparatus 4 reads the data in the wirelessstorage apparatus 3A, the information processing apparatus 4 receivesthe dummy file 54B stored in the wireless communication memory 37.

The mirroring unit 331 does not read data from the nonvolatile memory32, when the lock state information F3 indicates that reading isprohibited, in the lock/unlock mode.

When the lock state information F3 indicates that writing is prohibited,the mirroring unit 331 does not write the data stored in the wirelesscommunication memory 37 to the nonvolatile memory 32.

When the lock state information F3 indicates that writing is permitted,the mirroring unit 331 is able to write the data stored in the wirelesscommunication memory 37 to the first area 32A of the nonvolatile memory32.

In the present embodiment described above, the controller 33 can performswitching between the lock/unlock mode and read lock mode, according tothe read lock flag F2 stored in the wireless communication memory 37 ofthe wireless storage apparatus 3A. In the read lock mode, the controller33 stores the data in the first area 32A of the nonvolatile memory 32when receiving the write command, and reads data from the second area32B of the nonvolatile memory 32 when receiving the read command. Thatis, the controller 33 can read the dummy file 54B corresponding to thedata to be read. Thus, the security of the wireless storage apparatus 3Ais enhanced and leakage of confidential information can be prevented, ascompared with the case where reading is prohibited, in the lock/unlockmode.

In the present embodiment, the wireless storage apparatus 3 can beeasily carried, and even if the wireless storage apparatus 3 is lost orstolen, it is possible to ensure security, and protect the privacy ofthe user. If the authentication succeeds, the user can switch betweenthe read lock mode and the lock/unlock mode, switch between readingpossible and impossible, switch between writing possible and impossible,for example, by simply moving the information processing apparatus 4such as a set smartphone close to the wireless storage apparatus 3.Therefore, the user can easily and quickly switch the security modeaccording to the user's own intention. Further, the workload of the useris reduced.

Third Embodiment

In the present embodiment, a modification of the read lock modeaccording to the second embodiment will be described.

In the present embodiment, it is assumed that the wireless storageapparatus 3B operates in one of the lock/unlock mode and the read lockmode, similarly to the wireless storage apparatus 3A according to thesecond embodiment. The switching process between the lock/unlock modeand the read lock mode (see FIG. 7), and the lock/unlock mode process(see FIG. 8) are the same as in the second embodiment.

Also in the present embodiment, when mirroring is performed by themirroring unit 331, the mirroring unit 331 performs reading and writingof data according to the lock/unlock mode and the read lock mode.

In the read lock mode according to the second embodiment, the storagearea of the nonvolatile memory 32 is divided into a first area 32A and asecond area 32B. When the controller 33 receives a write command, datais written in the first area. When the controller 33 receives the readcommand and reading of data is prohibited, data is read from the secondarea.

On the other hand, in the read lock mode according to the presentembodiment, the controller 33 stores management data for managingwhether to permit reading of the data from the nonvolatile memory 32.Based on the management data, the controller 33 determines whether ornot to read the data to be read. Thus, in the read lock mode accordingto the present embodiment, division of the storage area of thenonvolatile memory 32 becomes unnecessary, and the nonvolatile memory 32can be efficiently used.

FIG. 10 is a block diagram illustrating an example of a configuration ofa wireless storage apparatus according to the present embodiment and aninformation processing system including the wireless storage apparatus.

The information processing system 1B includes an electronic apparatus 2,a wireless storage apparatus 3B, and an information processing apparatus4. A description of the same components as those included in thewireless storage apparatus 3 according to the first embodiment or thewireless storage apparatus 3A according to the second embodiment, amongthe components included in the wireless storage apparatus 3B accordingto the present embodiment will be omitted.

The controller 33 of the wireless storage apparatus 3B includes a memoryR. The controller 33 uses the management table T stored in the memory Rto determine whether or not to permit reading on a per predetermineddata unit basis of the nonvolatile memory 32. The details of themanagement table T will be described with reference to FIG. 11. Thememory R may be provided outside the controller 33.

In the read lock mode, the controller 33 controls, for example, accessand mirroring to the nonvolatile memory 32 from the electronic apparatus2.

More specifically, when the controller 33 receives a read command forthe nonvolatile memory 32 from the electronic apparatus 2 through theconnector 36, the controller 33 reads the read lock flag F2 from thewireless communication memory 37 through the communication controller34. The controller 33 determines whether or not the read lock mode ison, based on the read lock flag F2. When the read lock mode is on, thecontroller 33 refers to the management table T and determines whether ornot the reading of the target data of the read command is permitted.When reading of the data is permitted, the controller 33 reads the datafrom the nonvolatile memory 32 through the memory controller 35 andtransmits the read data to the electronic apparatus 2 through theconnector 36. If reading of the data is not permitted, the controller 33transmits the dummy data generated by the controller 33 or a responseindicating that reading of the data is prohibited, to the electronicapparatus 2 through the connector 36.

The controller 33 may generate, for example, random data as dummy data,or may automatically generate data that does not need to be in a secretstate.

During mirroring, the mirroring unit 331 reads the read lock flag F2from the wireless communication memory 37 through the communicationcontroller 34 at the mirroring execution timing. The mirroring unit 331determines whether or not the read lock mode is on, based on the readlock flag F2. When the read lock mode is on, the mirroring unit 331refers to the management table T and determines whether or not thereading of the target data of the read command is permitted. Whenreading of the data is permitted, the mirroring unit 331 reads the datafrom the nonvolatile memory 32 through the memory controller 35, andstores the read data in the wireless communication memory 37 through thecommunication controller 34. When reading of the data is not permitted,the mirroring unit 331 stores the dummy data generated by the controller33 or a response indicating that reading of the data is prohibited, inthe wireless communication memory 37 through the communicationcontroller 34.

FIG. 11 is a diagram illustrating an example of a relationship betweenthe management table T and the nonvolatile memory 32 according to thepresent embodiment.

The management table T includes a read permission flag F5 indicatingwhether or not reading of the data from the nonvolatile memory 32 ispermitted, on a per predetermined data unit (size) basis of thenonvolatile memory 32. When the read permission flag F5 corresponding tothe data stored in the nonvolatile memory 32 is on, the data can beread. When the read permission flag F5 corresponding to the data is off,reading of the data is prohibited.

In the following description, it is assumed that the predetermined unitis, for example, 128 kilobytes. In this case, as shown in FIG. 11, forexample, when the nonvolatile memory 32 has a size of 32 gigabytes, thesize of the management table T is 32 kilobytes. The predetermined unitcan be arbitrarily changed depending on the type of the nonvolatilememory 32 or the type, property, size, and the like of the data storedin the nonvolatile memory 32.

As described above, each read permission flag F5 is associated with dataof a predetermined size stored in the nonvolatile memory 32. The initialvalue of the read permission flag F5 maybe determined in advance by, forexample, the controller 33 depending on the type of data of apredetermined size associated with the read permission flag F5. In thiscase, with respect to the data of the predetermined size stored in thenonvolatile memory 32, the controller 33 determines the type of thedata, generates a management table T in association with theidentification information of the data and the initial valuecorresponding to the type of the data, and stores the management table Tin the memory R.

The nonvolatile memory 32 includes file placement data 53. The fileplacement data 53 records the file ID and the position of the filestored in the nonvolatile memory 32 in association with each other. Thecontroller 33 is able to recognize which file is placed in whichposition of the nonvolatile memory 32 with reference to the fileplacement data 53, through the memory controller 35.

The file placement data 53 may be placed, for example, in the FAT areaof the nonvolatile memory 32. The file placement data 53 may be stored,for example, at the beginning of the nonvolatile memory 32.

The controller 33 sets, for example, the initial value of the readpermission flag F5 corresponding to the file placement data 53 to ON,before the electronic apparatus 2 reads or writes data from or to thewireless storage apparatus 3B.

The nonvolatile memory 32 includes, for example, the management file D6and the user file D7 in the user area.

The management file D6 is, for example, a system file used when theelectronic apparatus 2 manages the wireless storage apparatus 3B. Forexample, when the wireless storage apparatus 3B is mountable on aplurality of electronic apparatuses, and an individual management fileis required for each of the plurality of electronic apparatuses, aplurality of management files respectively corresponding to theplurality of electronic apparatuses may be stored in the nonvolatilememory 32. In this case, the controller 33 may be able to determinewhich management file is associated with which electronic apparatus byan extension attached to each management file.

Similar to the case of the file placement data 53, it is preferable thatthe initial value of the read permission flag F5 corresponding to themanagement file D6 is set to ON and reading is permitted.

The user file D7 is, for example, a file (user data) such as a document,a moving image, and an image, which is written, in response to a commandfrom the electronic apparatus 2 or the information processing apparatus4. In the read lock mode, it is preferable that the initial value of theread permission flag of the user file D7 is off, and the reading of theuser file D7 is prohibited. Thus, the security of the user file D7 issecured.

However, a specific user file D7 is made readable under predeterminedconditions, thereby improving the convenience of the user. For example,when the controller 33 which is supplied with power from the electronicapparatus 2 writes the user file D7 to the nonvolatile memory 32 throughthe memory controller 35, the controller 33 may be able to read the userfile D7 while the power is continuously supplied from the electronicapparatus 2. Thus, until the power supply from the electronic apparatus2 to the wireless storage apparatus 3B is stopped after the user file D7is written to the wireless storage apparatus 3B, the electronicapparatus 2 can read the written user file D7 from the wireless storageapparatus 3B and display it. Therefore, the user can check whether ornot the written data is normally stored in the wireless storageapparatus 3B, using the electronic apparatus 2. Once power supply fromthe electronic apparatus 2 to the wireless storage apparatus 3B isstopped and power supply from the electronic apparatus 2 to the wirelessstorage apparatus 3B is resumed, the controller 33 sets the readpermission flag of the user file D7 to an initial value (Off), andprohibits reading of the user file D7 until the read lock mode isreleased.

Similarly, the controller 33 may update the management table T such thatreading of the user file D7 is permitted for a predetermined periodafter the user file D7 is written to the nonvolatile memory 32 andreading of the user file D7 is not permitted when a predetermined periodelapses. In this case, the user can easily check the contents of theuser file D7 for a predetermined period after writing the user file D7.

The controller 33 may identify the type of the electronic apparatus 2and determine the type of data for which reading is permitted dependingon the type of the electronic apparatus 2. In this case, the controller33 sets ON the initial value of the read permission flag F5corresponding to the data for which reading is determined to bepermitted.

FIG. 12 is a flowchart illustrating an example of a file reading processin a read lock mode according to the third embodiment.

In read lock mode, if the file size of user file D7 is larger than thedata size managed by the read permission flag F5, a plurality of readpermission flags F5 are associated with one user file D7. FIG. 12illustrates a process in which the controller 33 reads the user file D7through the memory controller 35.

In step S601, the controller 33 searches the management table T, andreads the first read permission flag F5 corresponding to the data in thehead portion of the user file D7.

In step S602, the controller 33 determines whether the first readpermission flag F5 is on or off.

When the first read permission flag F5 is off, the controller 33determines that the user file D7 is not readable, and returns the dummydata generated by the controller 33 or informs that reading of the userfile D7 is prohibited, in step S603. Thus, reading of data for whichreading is not permitted is locked.

When the first read permission flag F5 is on, the controller 33 readsdata of the size not greater than the size corresponding to the firstread permission flag F5 from the user files D7 in step S604.

In step S605, the controller 33 reads the subsequent read permissionflag F5 of the first read permission flag F5. When the subsequent readpermission flag F5 is off, the controller 33 returns the read data, asthe part data of the user file D7, in step S606.

When the subsequent read permission flag F5 is on, the controller 33further reads data of the size not greater than the size correspondingto the subsequent read permission flag F5 from the user files D7 in stepS607.

In step S608, the controller 33 determines whether or not all readpermission flags F5 corresponding to the user file D7 are read. If thereis a read permission flag F5 which is not read, the process returns tostep S605.

When all read permission flags F5 are read, the controller 33 returnsthe read data as the data of the user file D7 in step S609.

FIG. 13 is a flowchart illustrating an example from the generation of amanagement table T in the read lock mode to the execution of processescorresponding to the received command, which is executed by the wirelessstorage apparatus 3B according to the present embodiment. The readingprocess from step S706 to step S709 in FIG. 13 corresponds to theflowchart illustrated in FIG. 12, but it is illustrated in a simplermanner than the flowchart in FIG. 12.

In the case of the read lock mode, the controller 33 reads the fileplacement data 53 from the nonvolatile memory 32 through the memorycontroller 35 in step S701, and generates a management table Tindicating whether or not to permit reading of data, in the read lockmode, based on the information on the file placement data 53. Thecontroller 33 stores the generated management table T in the memory R.

Since the process of step S702 and step S703 is the same as the processof step S501 and step S502 of FIG. 9, the description thereof will beomitted.

When it is determined that the write command is received in step S703,the controller 33 instructs the memory controller 35 to write thewriting target file in step S704. The memory controller 35 writes thewriting target file to the nonvolatile memory 32.

In step S705, the controller 33 updates the file placement data 53 ofthe nonvolatile memory 32 through the memory controller 35, based on theplacement state of the file of the nonvolatile memory 32 after thewriting target file is written, and updates the management table T ofthe memory R.

On the other hand, in a case where it is determined that the readcommand is received in step S703, the controller 33 searches themanagement table T, and reads a read permission flag F5 of a read targetfile, in step S706.

In step S707, the controller 33 determines whether the state of the readpermission flag F5 of the read target file is on or off.

When the read permission flag F5 is off, the controller 33 transmits thedummy data generated by the controller 33 or a response indicating thatreading of the read target file is prohibited, to the electronicapparatus 2 through the connector 36 in step S708. Thus, reading of datafor which reading is not permitted is locked.

On the other hand, if the read permission flag F5 is on, the controller33 instructs the memory controller 35 to read the read target file fromthe nonvolatile memory 32, in step S709. The memory controller 35 readsthe read target file from the nonvolatile memory 32 and transmits theread file to the controller 33. The controller 33 transmits the readingtarget file received from the memory controller 35 to the electronicapparatus 2 through the connector 36.

In step S710, the controller 33 determines whether or not to continuethe process. If the process is not to be continued, the process ends;and if the process is to be continued, the process proceeds to stepS702.

The above is a description of a read lock mode when a read command or awrite command is received from the electronic apparatus 2. Theoperations in the read lock mode as described above can also be usedwhen data of the nonvolatile memory 32 is written to the wirelesscommunication memory 37 by the mirroring unit 331.

More specifically, the mirroring unit 331 first reads the read lock flagF2 from the wireless communication memory 37 through the communicationcontroller 34 at the mirroring execution timing.

The mirroring unit 331 generates dummy data for data whose read lockflag F2 is ON and of which reading is not permitted in the managementtable T stored in the memory R, and stores the dummy data in thewireless communication memory 37 through the communication controller34. When the information processing apparatus 4 reads the data in thewireless storage apparatus 3A, the information processing apparatus 4receives the dummy data stored in the wireless communication memory 37.

In the present embodiment described above, the controller 33 stores amanagement table T for managing whether to permit reading for the datastored in the nonvolatile memory 32. In the read lock mode, thecontroller 33 generates dummy data for the read-prohibited data storedin the nonvolatile memory 32 and transmits the dummy data to theelectronic apparatus 2 or the communication controller 34. Therefore, inthe read lock mode according to the present embodiment, it isunnecessary to divide the storage area of the nonvolatile memory 32 andstore the dummy data in one area. This reduces the processing load ofthe wireless storage apparatus 3, because synchronization of fileplacement data between divided areas, and preparation for dummy datacorresponding to user data are not needed. Since the user-writable userarea is not halved, the convenience of the user is improved. Since thesame user area can be used in the lock/unlock mode and the read lockmode, high convenience can be ensured even when the user switchesbetween the lock/unlock mode and the read lock mode.

In the present embodiment, the case of restricting reading of data fromthe wireless storage apparatus 3 by the electronic apparatus 2 in theread lock mode is described, but the same can apply to the case ofrestricting reading of data from the wireless storage apparatus 3 by theinformation processing apparatus 4 through wireless communication. Inthis case, for example, the wireless storage apparatus 3 receives a readcommand and information designating data to be read (hereinafter,referred to as designation information) from the information processingapparatus 4 through the communication controller 34, and stores it inthe wireless communication memory 37. When electric power is suppliedfrom the electronic apparatus 2 to the controller 33, the controller 33confirms the designation information stored in the wirelesscommunication memory 37 and searches the management table T to check theread permission flag corresponding to data in the nonvolatile memory 32indicated by the designation information. When the read permission flagis on, the controller 33 reads the data in the nonvolatile memory 32indicated by the designation information from the nonvolatile memory 32through the memory controller 35, and transmits the data in thenonvolatile memory 32 indicated by the designation information to theinformation processing apparatus 4 through the communication controller34. If the read permission flag is off, the controller 33 transmits thegenerated dummy data or a response indicating that the reading the datain the nonvolatile memory 32 indicated by the designation information isprohibited, to the information processing apparatus 4 through thecommunication controller 34.

Although the case where the wireless storage apparatus 3 is an SD cardis described in the present embodiment, the wireless storage apparatus 3can also be applied to various other recording mediums such as SxS® andSSD.

In the present embodiment, a description is made that the read lock flagF2 is stored in the wireless communication memory 37. Thus, even ifpower is not supplied from the electronic apparatus 2 to the controller33, the state of the read lock flag F2 can be changed through thewireless communication between the information processing apparatus 4and the wireless storage apparatus 3B, thereby improving convenience ofthe user.

However, the read lock flag F2 maybe stored in the memory R of thecontroller 33. In this case, the read lock flag F2 can be changed onlywhen electric power is supplied from the electronic apparatus 2 to thecontroller 33, thereby preventing the read lock flag F2 from beingchanged in a state where the wireless storage apparatus 3B is notmounted on the electronic apparatus 2. This increases the security ofthe wireless storage apparatus 3B.

While certain embodiments have been described, these embodiments havebeen presented by way of example only, and are not intended to limit thescope of the inventions. Indeed, the novel embodiments described hereinmay be embodied in a variety of other forms; furthermore, variousomissions, substitutions and changes in the form of the embodimentsdescribed herein maybe made without departing from the spirit of theinventions. The accompanying claims and their equivalents are intendedto cover such forms or modifications as would fall within the scope andspirit of the inventions.

What is claimed is:
 1. A storage apparatus comprising: a first memory,which is nonvolatile; a first controller that controls the first memory;a wireless antenna; a second memory, which is operable based on powersupplied from the wireless antenna; and a second controller that isoperable based on the power supplied from the wireless antenna, andperforms communication using the wireless antenna, wherein the secondcontroller when performing communication with an external apparatususing the wireless antenna, performs authentication of the externalapparatus, and stores in the second memory an authentication resultindicating whether the authentication succeeded or failed, and if theauthentication result indicates that the authentication succeeded,permits reading by the external apparatus of first data from the secondmemory by communication using the wireless antenna or writing by theexternal apparatus of second data to the second memory by communicationusing the wireless antenna, and if the authentication result indicatesthat the authentication failed, prohibits reading by the externalapparatus of any data from the second memory by communication using thewireless antenna or writing by the external apparatus of any data to thesecond memory by communication using the wireless antenna.
 2. Thestorage apparatus according to claim 1, wherein if the authenticationresult indicates that the authentication succeeded, the secondcontroller receives from the external apparatus through the wirelessantenna, designation information including designation of the first dataor designation of a storage area for the first data in the first memory,and stores the designation information in the second memory, and thefirst controller reads the first data indicated by the designationinformation from the first memory, and the second controller transmitsthe first data read by the first controller to the external apparatusthrough the wireless antenna.
 3. The storage apparatus according toclaim 1, wherein if the authentication result indicates that theauthentication succeeded, the second controller receives from theexternal apparatus through the wireless antenna, the second data anddesignation information including designation of a storage area for thesecond data in the first memory, and stores the second data and thedesignation information in the second memory, and the first controllerstores the second data in a storage area in the first memory designatedby the designation information.
 4. The storage apparatus according toclaim 1, further comprising: a mirroring unit, wherein if theauthentication result indicates that the authentication succeeded, themirroring unit performs mirroring of the first data stored in the firstmemory in the second memory or mirroring of the second data stored inthe second memory in the first memory.
 5. The storage apparatusaccording to claim 4, further comprising: a main controller thatcommunicates with the first controller and the second controller,wherein the mirroring unit is implemented in the main controller.
 6. Astorage apparatus comprising: a connector which is electricallyconnectable with a first external apparatus; a nonvolatile memory thatis operable based on power supplied from the first external apparatusthrough the connector; a first controller that is operable based onpower supplied from the first external apparatus through the connector,and controls the nonvolatile memory; a wireless antenna; a first memorythat is operable based on power supplied from the wireless antenna; asecond controller that is operable based on the power supplied from thewireless antenna, and performs communication using a second externalapparatus and the wireless antenna; and a second memory that storesmanagement data for managing read access to first data stored in thenonvolatile memory, wherein the first controller, responsive to a readcommand to read the first data received from the first externalapparatus through the connector, determines whether or not reading ofthe first data is permitted, based on the management data, and whereinthe first controller if reading of the first data is permitted, readsthe first data from the nonvolatile memory, and transmits the read firstdata to the first external apparatus through the connector as a responseto the read command, and if reading of the first data is not permitted,generates second data different from the first data, and transmits thesecond data to the first external apparatus through the connector as aresponse to the read command.
 7. The storage apparatus according toclaim 6, wherein the second controller if reading of the first data ispermitted, writes the first data in the first memory, and if reading ofthe first data is not permitted, writes the second data in the firstmemory, and responsive to request for the first data received from thesecond external apparatus through the wireless antenna, the secondcontroller reads the first or second data stored in the first memory,and transmits the read first or second data to the second externalapparatus through the wireless antenna.
 8. The storage apparatusaccording to claim 7, wherein if the size of the first data is greaterthan a data unit for managing read access to the first data, the firstcontroller determines whether or not to permit reading for each ofmultiple portions of the first data.
 9. The storage apparatus accordingto claim 8, wherein the first controller updates the management data soas to permit reading of the first data for a predetermined period afterthe first data is written to the nonvolatile memory, and not permit thereading of the first data after the predetermined period has lapsed. 10.The storage apparatus according to claim 8, wherein the first controllerpermits reading of the first data when the first data is written to thenonvolatile memory, and thereafter, if the supply of power to the firstcontroller is stopped and then resumed, the first controller updates themanagement data such that the reading of the first data is notpermitted.
 11. A method of controlling read access to data stored in astorage apparatus, wherein the storage apparatus includes a connectorwhich is electrically connected with a first external apparatus, anonvolatile memory that is operable based on power supplied from thefirst external apparatus through the connector, a wireless antenna, afirst memory that is operable based on power supplied from the wirelessantenna, and a second memory that stores management data for managingread access to first data stored in the nonvolatile memory, said methodcomprising: responsive to a read command to read the first data receivedfrom the first external apparatus through the connector, determiningwhether or not reading of the first data is permitted, based on themanagement data; if reading of the first data is permitted, reading thefirst data from the nonvolatile memory, and transmitting the read firstdata to the first external apparatus through the connector as a responseto the read command; and if reading of the first data is not permitted,generating second data different from the first data, and transmittingthe second data to the first external apparatus through the connector asa response to the read command.
 12. The method according to claim 11,further comprising: if reading of the first data is permitted, writingthe read first data in the first memory; if reading of the first data isnot permitted, writing the second data in the first memory; andresponsive to a request for the first data received from a secondexternal apparatus through the wireless antenna, the second controllerreading the first or second data stored in the first memory, andtransmitting the first or second data to the second external apparatusthrough the wireless antenna.
 13. The method according to claim 12,further comprising: if the size of the first data is greater than a dataunit for managing read access to the first data, determining whether ornot to permit reading for each of multiple portions of the first data.14. The method according to claim 13, further comprising: updating themanagement data so as to permit reading of the first data for apredetermined period after the first data is written to the nonvolatilememory, and not permit the reading of the first data after thepredetermined period has lapsed.
 15. The method according to claim 13,further comprising: updating the management data to permit reading ofthe first data when the first data is written to the nonvolatile memory;and thereafter, if the supply of power to the first controller isstopped and then resumed, updating the management data to not permitreading of the first data.